exploitDog

GHSA-gw24-5v6p-pvvv

Опубликовано: 22 окт. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations.

The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations.

Ссылки

EPSS

Процентиль: 70%

0.00635

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-35

Связанные уязвимости

CVE-2025-41723

CVSS3: 9.8

nvd

4 месяца назад

The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated remote attacker bypass the path restriction and upload files to arbitrary locations.

EPSS

Процентиль: 70%

0.00635

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-35